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THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
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earned patent term adjustment. See 37 CFR 1.704(b). 
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1 )S Responsive to communication(s) filed on 30 November 2000 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 
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DETAILED ACTION 


Claims 1-10 have been examined. 


Priority 


2. No claim for priority has been made in this application. 

3. The effective filing date for the subject matter defined in the pending claims in this 
application is 11/30/2000. 


The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 1 02 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1- 2 and 4, 6-7 and 9 are rejected under 35 U.S.C. 103(a) as obvious over Tulloch 
(Mitch Tulloch, "Administering Internet Information Server 4 New York McGraw-Hill 
Professional 1998, ISBN: 0072128232). 

5. Re claim 1 : Tulloch teaches a method for authorizing access by remote entities (client) to 

logical units (files and folders) provided by a mass storage device (volume) (Tulloch pg. 
81) comprising: 

providing an access table that includes entries that each represents authorization of a 
particular remote entity to access a particular logical unit (Tulloch pg. 152); and 
when a remote entity requests execution of an operation directed to a specified 
control device logical unit and involving one or more additional specified logical 


Claim Rejections - 35 USC § 103 
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units, authorizing the request for execution of the operation only when an entry exists 
in the access table that represents authorization of the remote entity to access the 
specified control device logical unit and, for each of the one or more additional 
specified logical units (Tulloch pg. 133). 
Although Tulloch teaches entries that each represents a particular control device logical 
unit (virtual server) to access a particular logical unit (Tulloch pg. 1 77-1 79 and Figure 5- 
13 pg. 182), Tulloch does not explicitly teach providing a supplemental access table that 
includes entries that each represents authorization of a particular control device logical 
unit to access a particular logical unit; and 

when a remote entity requests execution of an operation directed to a specified control 
device logical unit and involving one or more additional specified logical units, 
authorizing the request for execution of the operation only when an entry exists in the 
supplemental access table that represents authorization of the specified control device 
logical unit to access the additional specified logical unit. 

However, Tulloch teaches tables with customized access (Tulloch pg. 152) and as pg. 174 
(§ 1-2) there is a direct relationship between a control device logical unit and a logical 
unit. Thus the examiner believes that this at least renders obvious and most probably is 
anticipated that in order to resolve the control device logical entry into the appropriate 
logical unit there a table-like structure listing the relationship of these entities is used. 
6. Re claim 4: Although Tulloch teaches the method for authorizing access by remote entities to 
logical units provided by a mass storage device he does not explicitly teach the method 
wherein the supplemental access table includes entries each comprising: 
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an indication of a control device logical unit; and 

an indication of a logical unit. 
However, Tulloch teaches an access table that includes entries that each represents 
authorization of a particular remote entity to access a particular logical unit (Tulloch pg. 
152) ; tables with customized access (Tulloch pg. 152) and as pg. 174 (§ 1-2) shows 
there is a direct relationship between a control device logical unit and a logical unit. Thus 
the examiner believes that this at least renders obvious and most probably is anticipated 
that in order to resolve the control device logical entry into the appropriate logical unit 
there a table-like structure listing the relationship of these entities is used. 

7. Re claim 2: Although Tulloch does not explicitly teach the method wherein the mass storage 

device includes ports through which requests from remote entities are received, wherein 
authorizing a request for execution is carried out by a controller within the mass storage 
device, this feature is anticipated by Tulloch as pg. 303 (§5) shows that in order to 
communication between a client and a server being formed the client and the server must 
have ports open, and as pg. 152 shows that all access to logical units is controlled by a 
mass storage device control mechanism therefore any execution requests are authorized 
by the controller within the mass storage device. 

8. Claims 6-7 and 9 are substantially equivalent to claims 1-2 and 4; therefore claims 6-7 and 9 

are similarly rejected. 

9. Claims 3, 5, 8 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Tulloch (Mitch Tulloch, " Administering Internet Information Server 4", New York McGraw- 
Hill Professional 1998, ISBN: 0072128232) as applied to claims 2 and 7 above, in view of 
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Microsoft Press (Microsoft Press, "Microsoft Windows NT Sender, Resource Guide", 1996, 
ISBN: 1-57231-344-7). 

10. Re claim 3 and 5 Although Tulioch does not explicitly teach the method wherein the mass 
storage device includes ports through which requests from remote entities are received, 
wherein the access table includes entries each comprising: 

an indication of a logical unit or control device logical unit; 
an indication of a port; and 
and indication of a remote entity. 
However, Tulioch teaches tables with customized access for logical unit and remote 
entities (Tulioch pg. 152), shows that in order to communication between a client and 
a server being formed the client and the server must have ports open (pg. 303 §5). 
Therefore it would have been obvious to one of ordinary skill in art at the time of 
applicant's invention to include ports within the table in order to provide even more 
secure environment to prevent logical unit attacks by remote entities. 
1 1 . Tulioch does not teach the method wherein the mass storage device is a disk array and 
remote entities are remote computers interconnected with the disk array via a 
communications medium. Microsoft Press teaches that a mass storage device is 
implemented using hard disks (Microsoft Press, pg. 73 § 8) and that disk array 
provides fault-tolerant disk configuration (Microsoft Press, pg. 155 §7). Therefore it 
would have been obvious to one of ordinary skill in art at the time of applicant's 
invention to use the disk array to minimize risk of data loss. 
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12. Claims 8 and 10 are substantially equivalent to claims 3 and 5; therefore claims 8 and 10 
are similarly rejected. 


Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

13. Claims 1-4 and 6-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Sicola et 
al. (U.S. Patent No. 6,356,979) in view ofSchultz (E.Eugene Schultz, "Windows NT/2000 
Network Security", 1 st edition, ISBN: 1-57870-253-4, August 2000) 

14. Sicola et al. teaches a method for authorizing access by remote entities (hosts) to logical units 

provided by a mass storage device (storage system) comprising: 
providing a supplemental access table that includes entries that each represents 
authorization of a particular control device logical unit to access a particular logical unit 
(Sicola et al., col 5 lines 4-13). 

wherein the mass storage device includes ports through which requests from remote 
entities are received, and wherein authorizing a request for execution is carried out by a 
controller within the mass storage device (Sicola et al, col. 5 lines 33-61, Fig. 4B), and 
wherein the access table includes entries each comprising: 




Application/Control Number: 09/726,852 
Art Unit: 2134 


Page 7 


an indication of a logical unit or control device logical unit (controller, Sicola et 


al, host connection list, Fig, 4b)\ 


an indication of a port (port, Sicola et al, host connection list, Fig. 4 b); and 


an indication of a remote entity (host, Sicola et ai, host connection list, Fig. 4b), 


15. Sicola et al. does not specifically teach providing a supplemental access table which includes 
entries each comprising: 

an indication of a control device logical unit; and 

an indication of a logical unit, and 
when a remote entity requests execution of an operation directed to a specified control 
device logical unit and involving one or more additional specified logical units, 
authorizing the request for execution of the operation only when an entry currently exists 
in the access table that represents authorization of the remote entity to access the 
specified control device logical unit and, for each of the one or more additional specified 
logical units, 

an entry exists in the supplemental access table that represents authorization of the 
specified control device logical unit to access the additional specified logical unit. 
Schultz teaches that information security is the most important issue as confidentiality of 
data is a major concern for most organizations (Schultz, pg. 14), Schultz teaches 
protection at the logical unit level by assigning appropriate permissions to each logical 
unit (Schultz, pg. 360-361, Authorization and NTFS-5). Since Sicola et ai teaches only 
authorization to control device logical unit but "unregulated" access to logical unit it 
would have been obvious to one of ordinary skill in art at the time of applicant's 


V 
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invention to include and utilize additional (supplemental access) table (according to 
Schultz's teaching) into Sicola et al invention. By authorizing control device logical unit 
working on behalf of remote entities the supplemental table would provide protection 
directly to data. 

16. Claims 6-9 are substantially equivalent to claims 1-4; therefore claims 6-9 are similarly 
rejected. 

17. Claim 5 and 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Sicola et al. 
(U.S. Patent No. 6,356,979) as applied to claim 2 above. 

18. Sicola et al. teach the method of wherein the mass storage device is a disk array and remote 

entities are remote computers interconnected with the disk array and remote entities are 
remote computers interconnected with the disk array via a communications medium 
(Sicola et al., abstract, co. 5 lines 45-50, and col. 6 lines 26-29). 

19. Claim 10 is substantially equivalent to claim 5; therefore claim 10 is similarly rejected. 


No claim is allowed. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Peter Poltorak whose telephone number is (703) 305-0719. The examiner 
can normally be reached Monday through Thursday from 9:00 a.m. to 4:00 p.m. and alternate 
Fridays from 9:00 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached on (703) 308-4789. 


Conclusion 
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Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the Group receptionist whose telephone number is (703) 305-9000. 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, DC 20231 
Or faxed to: 

(703) 746-7239 (for formal communications intended for entry) 

Or: 

(703) 746-7240 (for informal or draft communications, please label 
"PROPOSED" or "DRAFT") 

Hand-delivered response should be brought to Crystal Park II, 2121 Crystal Drive, 
Arlington, VA 22202, Fourth Floor (Receptionist). 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications, see http://pair-direct.uspto.gov . Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free) 
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